Archive for September, 2007

I love my iPod and my iTunes. I have always liked to pick and choose the tunes I wanted to hear and not have to listen to the entire album/CD if there were some songs that I didn’t care for. Plus, I like to listen to a variety of singers, all mixed together. I’ve created dozens of playlists for various events and activites I do. I have an eclectic taste in music which I am broadening all the time while listening to what I think is one of the top radio stations in the entire country, located right here in the Des Moines, Iowa area. Add to this the many great podcasts that continue to be churned out, and you can imagine how many weeks of total play time are stored on my computer within my MP3s.

Last year I had a couple of different identity theft insurance vendors contact me wanting me to endorse their products as they were trying to sell the packages to employers to offer to their employees as part of their total benefits packages.

Gosh, I just had a flashback to the “Where’s the Beef” commercial from years ago…
The U.S. Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule went into effect in April, 2001, and gave covered entities (CEs) two years to get into compliance. The HIPAA Security Rule went into effect in April 2003 and CEs had until April 2005 to get into compliance.

Here’s something interesting along the compliance front…especially considering the very long hours I used to work for my employer years ago, and how long I know so many other IT folks work long hours trying to resolve problems. It also brings in a law I’m not very familiar with, the Fair Labor Standards Act (FLSA), but motivates me to learn more. Those of you in IT fields will be interested in this…

There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.

There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.